Forum Discussion
Geolocation query from IP address
Hi, Any idea if that's possible (and if yes - how) to add resolving of IP address to geolocation and any other IP information in a query in Log Analytics? For example, part of the message body I hav...
I've created a script that uses the O365 90 day audit log (if enabled). It will pull down a list of IP's for a user or organisation, query the IP's location using a website API, caches the details in a database (you need to create the DB, very easy), then uses the collected data to combine login events, IP's and geolocation into an out-put.
If you have a CSP account with associated customers underneath it, you can use the secure app model to run it across multiple tenants. This has proven very effective so far.
Let me know if you want a copy and I'll send it over to you.
Example of output:
GBarnes_Access Hi I would like to have it please!
